kraken-openapi-skill
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches a curated OpenAPI schema from the vendor's GitHub repository (holon-run/uxc) to configure API interaction aliases.
- [COMMAND_EXECUTION]: Uses the `uxc` command-line tool to link the Kraken API and perform data retrieval operations as defined in the schema.
- [PROMPT_INJECTION]: The presence of `references/kraken-spot-futures.openapi.json` introduces a potential indirect prompt injection surface. This file contains definitions for private endpoints such as `AddOrder` and `CancelOrder`, which contradicts the explicit 'read-only' and 'public-only' security boundaries defined in the skill documentation.
Audit Metadata